Detected package version outside of dependency constraint: Duende.IdentityServer.EntityFramework.Storage 5.2.0

[Ogglas]

Is there an existing issue for this?

• I have searched the existing issues

Is your feature request related to a problem? Please describe the problem.

I got a warning/error in Visual Studio when installing NuGet AutoMapper:

NU1608 Detected package version outside of dependency constraint:
Duende.IdentityServer.EntityFramework.Storage 5.2.0 requires
AutoMapper (>= 10.0.0 && < 11.0.0) but version AutoMapper 11.0.1 was
resolved.

I tracked this to NuGet Microsoft.AspNetCore.ApiAuthorization.IdentityServer

https://www.nuget.org/packages/Microsoft.AspNetCore.ApiAuthorization.IdentityServer

If you look at Microsoft.AspNetCore.ApiAuthorization.IdentityServer NuGet dependencies is:

• net6.0
• Duende.IdentityServer (>= 5.2.0)
• Duende.IdentityServer.AspNetIdentity (>= 5.2.0)
• Duende.IdentityServer.EntityFramework (>= 5.2.0)
• Duende.IdentityServer.EntityFramework.Storage (>= 5.2.0)
• Duende.IdentityServer.Storage (>= 5.2.0)
• Microsoft.AspNetCore.Authentication.JwtBearer (>= 6.0.5)
• Microsoft.AspNetCore.Identity.EntityFrameworkCore (>= 6.0.5)
• Microsoft.AspNetCore.Identity.UI (>= 6.0.5)
• Microsoft.Extensions.Http (>= 6.0.0)
• Newtonsoft.Json (>= 13.0.1)

I can solve the warning manually by updating the libraries below:

• Duende.IdentityServer
• Duende.IdentityServer.AspNetIdentity
• Duende.IdentityServer.EntityFramework
• Duende.IdentityServer.EntityFramework.Storage
• Duende.IdentityServer.Storage

Duende.IdentityServer.EntityFramework.Storage 6.1.0 has the following dependencies which will fix it:

• net6.0
• AutoMapper (>= 11.0.0 && < 12.0.0)
• Duende.IdentityServer.Storage (>= 6.1.0)
• Microsoft.EntityFrameworkCore.Relational (>= 6.0.0)

https://www.nuget.org/packages/Duende.IdentityServer.EntityFramework.Storage/

However this led to the exception below after running a migration in endpoints.MapRazorPages();.

System.Reflection.ReflectionTypeLoadException: 'Unable to load one or
more of the requested types. Method 'get_ServerSideSessions' in type
'Microsoft.AspNetCore.ApiAuthorization.IdentityServer.ApiAuthorizationDbContext`1'
from assembly 'Microsoft.AspNetCore.ApiAuthorization.IdentityServer,
Version=6.0.5.0, Culture=neutral, PublicKeyToken=adb9793829ddae60'
does not have an implementation.'

Describe the solution you'd like

Latest Microsoft.AspNetCore.ApiAuthorization.IdentityServer should be compatible with latest Duende.IdentityServer.EntityFramework.Storage

Additional context

No response

[StonedHackerman]

same issue

[wtgodbe]

@HaoK related to #41315, do we need to backport that change to 6.0?

[HaoK]

I don't think so, upgrading versions for 7 isn't the same thing as bumping up versions in 6, if they are able to upgrade the packages to make everything work.

@Ogglas is everything working after you upgraded all of the relevant duende packages yourself?

[ghost]

Hi @Ogglas. We have added the "Needs: Author Feedback" label to this issue, which indicates that we have an open question for you before we can take further action. This issue will be closed automatically in 7 days if we do not hear back from you by then - please feel free to re-open it if you come back to this issue after that time.

[ghost]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. If it is closed, feel free to comment when you are able to provide the additional information and we will re-investigate.

See our Issue Management Policies for more information.

[Ogglas]

@HaoK Nope I got the exception below in endpoints.MapRazorPages(); so I had to revert.

System.Reflection.ReflectionTypeLoadException: 'Unable to load one or
more of the requested types. Method 'get_ServerSideSessions' in type
'Microsoft.AspNetCore.ApiAuthorization.IdentityServer.ApiAuthorizationDbContext`1'
from assembly 'Microsoft.AspNetCore.ApiAuthorization.IdentityServer,
Version=6.0.5.0, Culture=neutral, PublicKeyToken=adb9793829ddae60'
does not have an implementation.'

[BrennanConroy]

Looks like there may be breaking changes between Duende 5.x and 6.x. We recommend replacing the incompatible identity packages/dbcontext since we can't update the dependency in .net 6.0 as it may be breaking. Your best bet is to consult the migration docs https://docs.duendesoftware.com/identityserver/v6/upgrades/v5.2_to_v6.0/ but this isn't something we are directly supporting for 6.0

[picBuilderLabs]

Getting the following exception
System.Reflection.ReflectionTypeLoadException: 'Unable to load one or more of the requested types. Method 'get_ServerSideSessions' in type 'Microsoft.AspNetCore.ApiAuthorization.IdentityServer.ApiAuthorizationDbContext1' from assembly `
after updating the nuget package Duende.IdentityServer.EntityFramework to version 6.1.0. Reverting this package back to 6.0.4 resolves this error , seems like there is an incompatibility introduced. If anyone has a fix so I can upgrade this package is appreciated.

[neozhu]

@picBuilderLabs
I have the same problem when upgrading to Duende.IdentityServer.EntityFramework to version 6.1.0.

[borgarer]

@picBuilderLabs same issue here. Have you guys found any workarounds orther than reverting back to 6.0.4?

[yakeer]

Any news on this issue?

[borgarer]

Hi @yakeer
In my case, it turned out that I wasn't actually using anything from the Microsoft.AspNetCore.ApiAuthorization.IdentityServer package. So by removing its reference from my .csproj the exception disappeared.

I see they have releaased v. 6.0.7 only 7 days ago. You might also want to try and see if the issue has been addressed there.